同样是准备年底上production环境，一般来说出问题也是会和环境相关的，所以别人的经验也不太适用。还是要建议要把k8s的文档吃透。

我问一下，我的是不是由于访问不了 https://gcr.io，而导致下面的问题。有没有解决办法。谢谢！

kubectl get pods

NAME READY STATUS RESTARTS AGE
my-nginx-bv9ft 0/1 Image: nginx is not ready on the node 0 10m
my-nginx-dryu8 0/1 Image: nginx is not ready on the node 0 10m

kubectl describe pods/my-nginx-bv9ft

Wed, 04 Nov 2015 19:32:47 +0800 Wed, 04 Nov 2015 19:41:52 +0800 5 {kubelet 127.0.0.1} failedSync Error syncing pod, skipping: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request. details: (API error (500): invalid registry endpoint https://gcr.io/v0/: unable to ping registry endpoint https://gcr.io/v0/v2 ping attempt failed with error: Get https://gcr.io/v2/: dial tcp 74.125.130.82:443: i/o timeout v1 ping attempt failed with error: Get https://gcr.io/v1/_ping: dial tcp 74.125.130.82:443: i/o timeout. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add --insecure-registry gcr.io to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/gcr.io/ca.crt

正打算用k8s，年底会上生产环境。目前没发现有太大的缺陷，可能网络是个要注意的地方。另外mesos并不是专门为容器而设计，k8s也是深度定制，长远来看推荐k8s.
目前k8s v1已经推出，适合生产环境